# This is a basic playbook

- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=cloud-noc01.fedorainfracloud.org"

- name: make cloud noc hardware
  hosts: cloud-noc01.fedorainfracloud.org
  user: root
  gather_facts: True

  vars_files:
   - /srv/web/infra/ansible/vars/global.yml
   - "/srv/private/ansible/vars.yml"
   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - base
  - rkhunter
  - nagios_client
  - hosts
  - collectd/base
  - sudo
  - dhcp_server
  - tftp_server

  pre_tasks:
  - import_tasks: "{{ tasks_path }}/yumrepos.yml"

  tasks:
  - import_tasks: "{{ tasks_path }}/motd.yml"

  - name: check if ntpd port is already known by selinux
    shell: semanage port -l | grep ntp
    register: ntp_selinux_port
    check_mode: no
    changed_when: false
    failed_when: false
    tags:
    - config
    - selinux

  - name: allow alternate ntpd port
    command: semanage port -a -t ntp_port_t -p tcp 124
    when: '"124" not in ntp_selinux_port'
    failed_when: false
    tags:
    - config
    - selinux

  - name: allow alternate ntpd port
    command: semanage port -a -t ntp_port_t -p udp 124
    when: '"124" not in ntp_selinux_port'
    failed_when: false
    tags:
    - config
    - selinux

  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

